How sure are you that you have close to 0 critical CVEs in your Kubernetes cluster?
Just like for all companies today security is top of mind for Xenit and we try to come with a solution for this question.
At the time we were already scanning our images in our CI/CD pipeline at creation time using Trivy, but what about new CVEs that gets disclosed after the initial image build?
The increasing rates of cyber crime (by some measures, cyber crimes now outnumber all other crimes put together) which makes it harder for companies to protect themselves. The faster we can fix relatively simple problems like patching a CVE on container level the more secure we will be.
Xenit is hosting a number of Kubernetes clusters for our customers and we want a quick way of visualizing CVEs on a platform and a per customer basis. We want to achieve this without having to jumping around to different clusters and run some script to find out the answer to this question.